search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2020-09-09 2020-09-09 2021-02-16 VU#589825 Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite
2020-05-18 2020-04-14 2021-02-10 VU#647177 4.8 Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks
2021-02-09 2021-02-09 2021-02-09 VU#466044 Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
2021-02-01 2021-02-01 2021-02-01 VU#125331 Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs
2020-12-26 2020-12-26 2021-01-28 VU#843464 SolarWinds Orion API authentication bypass allows remote command execution
2020-12-23 2020-12-23 2021-01-06 VU#429301 Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location
2020-11-23 2020-11-23 2020-12-08 VU#724367 VMware Workspace ONE Access and related components are vulnerable to command injection
2020-11-10 2020-11-10 2020-11-16 VU#231329 Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
2020-10-26 2020-10-26 2020-11-11 VU#760767 Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location
2020-10-22 2020-10-20 2020-11-09 VU#208577 Chocolatey Boxstarter is vulnerable to privilege escalation due to weak ACLs
2020-10-12 2020-10-12 2020-10-12 VU#114757 Acronis backup software contains multiple privilege escalation vulnerabilities
2019-12-19 2019-09-27 2020-10-08 VU#941987 6.8 Apple devices vulnerable to arbitrary code execution in SecureROM
2020-06-02 2020-06-01 2020-09-30 VU#636397 IP-in-IP protocol routes arbitrary traffic by default
2010-08-02 2010-08-02 2020-09-02 VU#362332 9.5 Wind River Systems VxWorks debug service enabled by default
2020-08-20 2020-08-20 2020-08-24 VU#221785 Diebold Nixdorf ProCash 2100xe USB ATM does not adequately secure communications between CCDM and host

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis